<?php
header('content-type:text/html;charset=utf-8');
if(!empty($_POST)){
	session_start();
    define('IN_TG','doregister');
    require ('includes/common.inc.php');
    include ROOT_PATH.'includes/check.func.php';
    _check_code($_POST['code'],$_SESSION['code']);
    $name=_check_username($_POST['username'],4,20);
    $pwd=_check_password($_POST['password'],$_POST['notpassword'],4);
    $username = sha1($name);
    $sql = "select tg_id from tg_user where tg_uniqid = '$username'";
    $res = _num_rows(_query($sql));
    if($res==0){
        $password = $pwd;
        $question = _check_question($_POST['question'],2,20);
        $answer = _check_answer($_POST['question'],$_POST['answer'],2,40);
        $nickname = _check_username($_POST['nickname'],2,20);
        $sex = _check_sex($_POST['sex']);
        $face = _check_face($_POST['face']);
        $email = _check_email($_POST['email'],5,40);
        $qq = _check_qq($_POST['qq']);
        $url = _check_url($_POST['url'],40);
        $reg_time = date('Y-m-d H:i:s',time());
        $ip=_get_ip();
        $sql = "insert into tg_user(tg_uniqid,tg_password,tg_question,tg_answer,tg_username,tg_sex,tg_face,tg_email,tg_qq,tg_url,tg_reg_time,tg_last_ip)values('$username','$password','$question','$answer','$nickname','$sex','$face','$email','$qq','$url','$reg_time','$ip')";
        $res = _query($sql);
        if($res){
            $_clean['id']=_insert_id();
            $_clean['username']=$nickname;
            $_clean['face']=$face;
            $_clean['sex']=$sex;
            $_clean['email']=$email;
            $_clean['url']=$url;
            _set_xml('new.xml',$_clean);
            header('Location:login.php');
        }else{
            _alert_back("数据库错误");
        }
	}
	else{
        _alert_back("用户名被占用");
	}
}
?>